Iran's hacking tools: source code leakage

In an incident reminiscent of the leak of the NSA's hacking tools by the Shadow Brokers, someone has published similar hacking tools belonging to one of Iran's top espionage teams, known as APT34, Oilrig or HelixKitten.

The leaked hacking tools are not as specialized as the NSA tools leaked in 2017, but they are extremely dangerous.
Data belonging to the tools' victims was also leaked and is circulating online.

The tools have been leaking since mid-March on a Telegram channel, published by a person using the pseudonym Lab Dookhtegan.

In addition to hacking tools, Lab Dookhtegan published data from APT34 victims. The data contains combinations of names and passwords and appears to have been collected through phishing pages.
Note that his Twitter account has been closed, for obvious reasons:

https://twitter.com/dookhtegan

Several cyber security experts have already confirmed the authenticity of the tools.

On the Telegram channel that was discovered today, the hacker has leaked the source code of six hacking tools, along with content from many active backend panels where the victims' data was collected.

Hacking tools:

- Glimpse (latest version of a PowerShell-based tool that Palo Alto Networks calls BondUpdater)
- PoisonFrog (older version of BondUpdater)
- HyperShell (web shell that Palo Alto Networks calls TwoFace)
- HighShell (another web shell)
- Fox Panel (phishing kit)
- Webmask (DNS tunneling, main tool behind DNSpionage)

In addition to the source code of the above tools, Dookhtegan also leaked victim data that had been collected on some of the APT34 team's command-and-control (C&C) servers.

Overall, Dookhtegan leaked data from 66 victims, mainly from the Middle East, Africa, East Asia and Europe.

The data comes from government agencies, but also from private companies. The two largest companies mentioned in the Telegram channel are Etihad Airways and Emirates National Oil. A list of victims (but without names of companies / government agencies) is available below.


Written by giorgos
